Description

One or more documentation files (e.g. readme.txt, changelog.txt, ...) were found. The information contained in these files could help an attacker identify the web application you are using and sometimes the version of the application. It's recommended to remove these files from production systems.

Remediation

Remove or restrict access to all documentation file acessible from internet.

Related Vulnerabilities

WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)

CVS Detected

IBM WebSphere/WebLogic application source file exposure

Tracy debugging tool enabled

Joomla! Core 2.5.x Information Disclosure (2.5.0 - 2.5.9)

Severity

Low

Classification

CWE-538 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Test Files